C# 401在每个CRUD.NETFramework API上
所以我有一个项目,它是一个.NETFramework api和一个角度前端 我最近添加了OWIN JWT身份验证,但似乎我所做的任何事情都会返回401错误。我尝试了100种解决方案,但都没有成功 当我登录时,JWT被正确地传递到前端 我的startup.csC# 401在每个CRUD.NETFramework API上,c#,.net,angular,jwt,C#,.net,Angular,Jwt,所以我有一个项目,它是一个.NETFramework api和一个角度前端 我最近添加了OWIN JWT身份验证,但似乎我所做的任何事情都会返回401错误。我尝试了100种解决方案,但都没有成功 当我登录时,JWT被正确地传递到前端 我的startup.cs using System; using System.Text; using Microsoft.Owin.Security.Jwt; using Microsoft.Owin.Security; using Microsoft.Ident
using System;
using System.Text;
using Microsoft.Owin.Security.Jwt;
using Microsoft.Owin.Security;
using Microsoft.IdentityModel.Tokens;
using System.Threading.Tasks;
using System.Web.Configuration;
using Microsoft.Owin;
using Owin;
[assembly: OwinStartup(typeof(AgriLogBackend.Startup))]
namespace AgriLogBackend
{
public class Startup
{
public void Configuration(IAppBuilder app)
{
app.UseJwtBearerAuthentication(
new JwtBearerAuthenticationOptions
{
AuthenticationMode = Microsoft.Owin.Security.AuthenticationMode.Active,
TokenValidationParameters = new TokenValidationParameters()
{
ValidateIssuer = true,
ValidateAudience = true,
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("GuessThePassword----"))
}
});
}
}
}
我的控制器具有[授权]属性
我确实将正确的JWT传递给了控制器,但似乎它没有授权
非常感谢您的帮助
在这里,我使用这样的帖子:
const ops = { // <<<<<< Initialize header with token
headers: new HttpHeaders({
'Authorization': 'Bearer ' + localStorage.getItem("jwtToken")
})
};
return this.http.get<types>(this.baseURL + "EquipmentTypes/" + localStorage.getItem("currentFarm"),ops);
TokenValidationParameters = new TokenValidationParameters()
{
ValidateIssuer = true,
ValidateAudience = true,
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("GuessThePassword----"))
}
您可以按如下方式设置
TokenValidationParameters
:
const ops = { // <<<<<< Initialize header with token
headers: new HttpHeaders({
'Authorization': 'Bearer ' + localStorage.getItem("jwtToken")
})
};
return this.http.get<types>(this.baseURL + "EquipmentTypes/" + localStorage.getItem("currentFarm"),ops);
TokenValidationParameters = new TokenValidationParameters()
{
ValidateIssuer = true,
ValidateAudience = true,
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("GuessThePassword----"))
}
它告诉JWTBeareAuthentication中间件检查每个令牌是否存在有效的颁发者和受众声明(iss
和aud
)
由于您在创建令牌期间没有同时添加这两个声明,因此验证将失败。您可以选择关闭以下选项之一:
ValidateIssuer = false,
ValidateAudience = false,
以便不执行这些检查,或在创建令牌时为其添加适当的声明:
var descriptorToken = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(claims),
Expires = DateTime.Now.AddDays(1),
SigningCredentials = Credentials
TokenIssuerName = "YourIssuer", // add your issuer here
AppliesToAddress = "YourAudience", // add your audience here
};
var Handler = new JwtSecurityTokenHandler();
var userToken = Handler.CreateToken(descriptorToken);
参考